●● IRC: #boycottnovell @ FreeNode: Sunday, April 11, 2021 ●● ● Apr 11 [01:35] *rianne_ has quit (Ping timeout: 240 seconds) [01:36] *liberty_box has quit (Ping timeout: 240 seconds) [01:38] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [01:39] *liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell ● Apr 11 [02:05] *rianne_ has quit (Ping timeout: 268 seconds) [02:06] *liberty_box has quit (Ping timeout: 268 seconds) [02:10] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [02:11] *liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell ● Apr 11 [03:09] *rianne_ has quit (Quit: Konversation terminated!) [03:09] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [03:57] *rianne_ has quit (Ping timeout: 252 seconds) [03:58] *liberty_box has quit (Ping timeout: 252 seconds) ● Apr 11 [04:02] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [04:10] *liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell ● Apr 11 [07:00] schestowitz [01:02] Now someone allegedly sends spam https://github.com/rms-support-letter/rms-support-letter.github.io/issues/6450#issuecomment-817202713 with what dpocock tells us, about Red Hat, and signed with the name of a Fedora employee (who is against RMS, but didn't sign the letter) [07:00] schestowitz [01:03] s/employee/person/ [07:00] -TechrightsBN/#boycottnovell-github.com | Mail spam Issue #6450 rms-support-letter/rms-support-letter.github.io GitHub [07:57] schestowitz x https://www.makeuseof.com/ntfs-fat-exfat-windows-10-file-systems-explained/ [07:57] schestowitz # sw patents drive deployement instead [07:57] -TechrightsBN/#boycottnovell-www.makeuseof.com | NTFS, FAT, exFAT: Windows 10 File Systems Explained ● Apr 11 [08:07] *rianne_ has quit (Remote host closed the connection) [08:08] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell ● Apr 11 [09:06] *liberty_box has quit (Ping timeout: 252 seconds) [09:07] *rianne_ has quit (Ping timeout: 268 seconds) [09:09] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [09:09] *liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [09:20] *liberty_box has quit (Ping timeout: 240 seconds) [09:21] *rianne_ has quit (Ping timeout: 252 seconds) ● Apr 11 [10:07] *liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [10:07] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell ● Apr 11 [11:33] *liberty_box has quit (Ping timeout: 260 seconds) [11:33] *rianne_ has quit (Ping timeout: 268 seconds) ● Apr 11 [12:44] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [12:45] *liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell ● Apr 11 [14:31] Techrights-sec https://nitter.cc/zoobab/status/1381229388994338822#m [14:31] -TechrightsBN/#boycottnovell-nitter.cc | zoobab "NO Software Patents" (@zoobab): "JURI EPO Poem: "The house has spoken The EPO is broken Bribery of token Regulators awoken Immunity! Impunity! Kangaroo courts dismantled Their composition was all meddled" http://techrights.org/2021/04/11/juri-poem/" | nitter [14:32] Techrights-sec https://nitter.cc/zoobab/status/1381227662966976516#m [14:32] -TechrightsBN/#boycottnovell-nitter.cc | zoobab "NO Software Patents" (@zoobab): "Breaking News: Campinos to Appear Before the Legals Affairs Committee of the European Parliament on Monday 12 April http://techrights.org/2021/04/10/campinos-juri/ #epo #juri #europarl" | nitter [14:32] Techrights-sec https://nitter.cc/NormanTShenley/status/1381200451379601410#m [14:32] -TechrightsBN/#boycottnovell-nitter.cc | N.Shenley- Tweets by @miserablesatire from 130121 (@NormanTShenley): "The Gates's house and Rick Allen Jones - is what we should all be asking more questions about. http://techrights.org/2020/06/23/engineer-of-bill-gates/" | nitter ● Apr 11 [15:58] *rianne_ has quit (Ping timeout: 252 seconds) [15:58] *liberty_box has quit (Ping timeout: 260 seconds) ● Apr 11 [16:01] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [16:02] *liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell ● Apr 11 [17:25] *liberty_box has quit (Ping timeout: 252 seconds) [17:25] *rianne_ has quit (Ping timeout: 240 seconds) [17:27] *rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [17:34] schestowitz I have changed the monitoring with apachetop slightly for tuxmachines to better understand the nature of the attacks. Tomorrow gyms reopen; if the site is under attack, would you be able to give the DB a kick (if needed)? It's one command. [17:37] *liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell [17:48] schestowitz Re: EPO questions for tomorrow in JURI [17:49] schestowitz > Hi, [17:49] schestowitz > [17:49] schestowitz > If you have some questions to ask to Mr Campinos, let me know. [17:49] schestowitz > [17:49] schestowitz > I have drafted some and sent them to some MEPs. [17:49] schestowitz Ask him about Microsoft outsourcing and EPOTIF ('shadow budget'), then baseless claims of GDPR compliance. [17:56] schestowitz > Hi Roy, [17:56] schestowitz > [17:56] schestowitz > I noticed your recent blog about hosting and censorship. [17:56] schestowitz > [17:56] schestowitz > Some of the sites moved from Hetzner.de to Orangewebsite.com (Iceland). [17:56] schestowitz > [17:56] schestowitz > There were a handful of SLAPP requests on Hetzner [17:56] schestowitz > [17:56] schestowitz > There have been no SLAPP requests through Orangewebsite.com [17:56] schestowitz > [17:56] schestowitz > On the broader censorship question, I don't just write blogs. I've been [17:56] schestowitz > looking at some robust solutions. People are complaining about all the [17:56] schestowitz > following being censored: [17:56] schestowitz > [17:56] schestowitz > - Planet sites (Planet Fedora stopped syndicating any blogs during the [17:56] schestowitz > first week of the hate letter, it could just be coincidence) [17:56] schestowitz > [17:56] schestowitz > - IRC (users in the rms-support-letter forum opened an issue about [17:56] schestowitz > Freenode and OFTC both kicking people who support RMS) [17:56] schestowitz > [17:56] schestowitz > - Discourse forums (since moving discussions from email to Discourse, [17:56] schestowitz > Red Hat and Mozilla have both been particularly vicious in pruning [17:56] schestowitz > conversations) [17:56] schestowitz > [17:56] schestowitz > - Mastadon (you blogged about this yourself) [17:56] schestowitz > [17:56] schestowitz > - conferences (see my comments about Google pulling funding from OSCAL, [17:56] schestowitz > I have other emails about conference speaker censorship too, then there [17:56] schestowitz > is the Linus/DebConf thing) [17:56] schestowitz > [17:56] schestowitz > - packages: notice that some packages vanish when Developers are subject [17:57] schestowitz > to these plots [17:57] schestowitz > [17:57] schestowitz > I feel that solving the censorship problem involves solving all [17:57] schestowitz > together, not just attacking one of these things at a time. [17:57] schestowitz > [17:57] schestowitz > On your own publishing workflows, are you sharing any code that can help [17:57] schestowitz > other people with any aspect of converting their content to a form that [17:57] schestowitz > can live in Gemini and IPFS? HTML has issues with relative links and [17:57] schestowitz > this is compounded when the blogs are syndicated in Planet sites. The [17:57] schestowitz > Planet sites need absolute links in the IMG tags but IPFS needs relative [17:57] schestowitz > links. A static site generator like Jekyll may be able to turn out [17:57] schestowitz > multiple versions of the same site with both types of link or it may be [17:57] schestowitz > able to use different conventions in the rss.xml and regular HTML. [17:57] schestowitz The nature of the censorship we deal with in Techrights is quite different. Social control media is, in general, not a good idea at all. It's temporarily useful in some cases, but over the long run it's just data loss. [17:57] schestowitz All in all, the tactics and tone used define who will support you and who you will alienate. Recently some people complained about unwanted emails and "doxing". [17:57] schestowitz (Re: hosting changes, SLAPP, censorship) ● Apr 11 [19:38] Techrights-sec [19:38] Techrights-sec ack I don't see any of them in my monitoring so I must modify them, but [19:38] Techrights-sec don't know the approach to take yet. [19:39] schestowitz some time ago I fixed DNS issues (DNS servers that were retired 13 days ago without me noticing), also scanned the TM DB... no issues found [19:40] schestowitz I also combined all the CSS files into one, but the DB still goes into a frenzy due to some reason sometimes, restarting it seems like the only way to go [19:41] schestowitz can we maybe set a rule to restart mysqld when cpu load is maxed? [19:41] schestowitz Yesterday, or last night, I saw the same scraping type attack directed at TM and TR at the very same time, so it looks like someone does something by intention [19:42] Techrights-sec what else could possibly be optimized? [19:42] Techrights-sec Can Varnish be put in front? [19:43] Techrights-sec Is the origin of the attacks limited to a set of IP addresses or a subnet? [19:43] Techrights-sec If so, then they could be filtered out in the net. [19:44] schestowitz my thoughts are, maybe it's time to upgrade this OS and DB, because it needs to be done regardless [19:46] Techrights-sec Yes, I think that upgrading would help very much. It would allow other [19:46] Techrights-sec mitgations too ● Apr 11 [20:08] Techrights-sec I wonder if I should introduce a short(er) timeout in the monitoring [20:08] Techrights-sec scripts on this end. [20:09] schestowitz There are lots of improvements we can do, there's always maintenance stuff to be done, and the scale of the sites justifies the efforts. I just want not too move too fast and break things, hence I typically make small changes each day, then judge the effects overnight, we don't have a CI-type pipeline [20:10] Techrights-sec A full update of the OS is needed, that might break things. [20:11] schestowitz for sure, but for TM we need older versions of some things, even if LTS versions [20:17] Techrights-sec Well, I still have that spare machine for testing available for a few more days. [20:17] Techrights-sec Perhaps a VM could be set up there and then copied over to HV? [20:18] schestowitz I was thinking exactly that... [20:18] schestowitz the general task is, make TM work the same there, but on a newer OS [20:18] schestowitz as a VM that is portable [20:18] schestowitz or a container [20:21] Techrights-sec I guess lxd could be set up there , but qemu is more familiar. [20:23] schestowitz with the DB on TM going into weird frenzies under attack and sometimes without any (I've scanned it several times) I think it's time to rush up the move to something newer [20:23] Techrights-sec Is there a strong preference either way? lxd or qemu? [20:24] schestowitz lxd is used in alpine, but with the VMs qemu too was used. lxd for the containers [20:24] Techrights-sec I agree. [20:24] Techrights-sec What about moving to PostGresql at the same time? [20:24] Techrights-sec That's probably the way forward in general after the Oracle acquisition of [20:24] Techrights-sec mysql [20:25] schestowitz drupal is better with mysql, I think [20:27] Techrights-sec What about wordpress though? [20:27] schestowitz works better with mysql, but in theory can be made to work with other DBs [20:28] Techrights-sec Ok, then that would be for much, much later. The3 main task is a new OS. [20:29] schestowitz This might need postponing, due to heavy workload on kaniini's side (more to follow in a mo) [20:31] schestowitz in the meantime, do you know how to trigger mysqld restart when the load picks? The conditional statement in bash is the key part I am not familiar with [20:32] Techrights-sec It would be a value collected using https://wiki.bash-hackers.org/syntax/expansion/cmdsubst [20:32] -TechrightsBN/#boycottnovell-wiki.bash-hackers.org | Command substitution [Bash Hackers Wiki] [20:37] Techrights-sec load=$(uptime | awk '{a=$(NF-2);sub(/,$/,"",a); print a}') [20:37] Techrights-sec be sure to have a wait in there to prevent another type of DoS [20:39] schestowitz techrights just came under ddos, same pattern as last night, I've temporarily blocked the target [20:43] Techrights-sec see ~/load-trigger.sh [20:43] Techrights-sec (unt3ested) [20:43] schestowitz thanks, I will check [20:47] schestowitz which machine? [20:48] schestowitz never mind, found it, TR [20:58] schestowitz [20:24] what up [20:58] schestowitz [20:25] :-D [20:58] schestowitz [20:25] is there a change we can upgrade tuxmachines to a new OS like alpine? [20:58] schestowitz [20:25] *chance [20:58] schestowitz [20:26] probably in the future, i have been busy with work [20:58] schestowitz [20:26] yes, I could see based on IRC [20:58] schestowitz [20:26] thanks for the catch-up anyway and thanks for everything else [20:58] schestowitz [20:26] and with the current issues in the FOSS world, i am tkaing a break from techrights et al [20:58] schestowitz [20:28] our world has been through tougher times in the past, e.g. SCO suit and Novell deal [20:58] schestowitz [20:33] our world is under attack by daniel pocock [20:58] schestowitz [20:33] that too [20:58] schestowitz [20:33] he's really disappointing [20:58] schestowitz [20:33] it's pretty amazing that he got the "RMS should fuck off" and "we love RMS" crowds to agree on something [20:58] schestowitz [20:36] anyway, this is precisely why i urged you to not syndicate his content. he is literally just making stuff up and quoting things out of context to make his points. he is angry that his debian developer privileges were suspended because he was mentoring his girlfriend as part of Google Summer of Code [20:58] schestowitz [20:36] at this point, i think he is just angry in general [20:58] schestowitz [20:37] but that makes him immensely dangerous to our world, as he only wishes to be destructive [20:58] schestowitz [20:39] this is not the usual thing i involve myself in. my main goal is to build something that can possibly last a long time and be meaningful [20:58] schestowitz [20:40] the thing is, pocock's motive is revenge against every person and institution he feels has wronged him. he isn't even pro-RMS, he's just pro-RMS *right now* because it's convenient to him to be [20:59] schestowitz [20:41] yes, he lost it [20:59] schestowitz [20:41] anyway, we now focus on the EPO stuff [20:59] schestowitz [20:41] tomorrow the EPO is facing grilling in EC [20:59] schestowitz [20:41] or EP rather [20:59] schestowitz MinceR: ^^ thanks, we got that sorted ● Apr 11 [21:00] schestowitz mildly redacted [21:00] schestowitz nothing sensitive there [21:00] schestowitz or that should not be seen publiclyh [21:01] MinceR nice [21:01] schestowitz we sorted out a 'patch' [21:01] schestowitz duct tape the TM [21:02] schestowitz the script will do what we did manually, needs some testing ● Apr 11 [22:05] *MinceR has quit (Ping timeout: 246 seconds) [22:41] schestowitz script trigger works ok now [22:41] schestowitz if bc <<< "$load >= 20" | grep -q 1; [22:42] schestowitz it has just mitigated an attack [22:42] schestowitz I think I know the nature of an attack now as well [22:42] schestowitz they attacked TR earlier [22:52] Techrights-sec https://nitter.cc/fcassia/status/1381352038538285062#m [22:53] -TechrightsBN/#boycottnovell-nitter.cc | Fernando Cassia (@fcassia): "What the hell happened to @schestowitz @glynmoody" | nitter ● Apr 11 [23:15] *MinceR (mincer@unaffiliated/mincer) has joined #boycottnovell